<?php
include_once '../includes/common.php';

$act=isset($_GET['act'])?daddslashes($_GET['act']):null;

@header('Content-Type: application/json; charset=UTF-8');

switch($act){
case "send"://聊天室
    if($conf['chat_open']!=1)exit('{"code":-1,"msg":"聊天室正在维护更新，敬请期待！"}');
    if($islogin2!=1)exit('{"code":-1,"msg":"请登录后在发言！"}');
    $con=addslashes($_POST['con']);
    if ($conf['chat_limit_open'] == 1 && $conf['chat_timelimit'] && $conf['chat_iplimit']) {
        /****发言限制设定****/
        $timelimit = $conf['chat_timelimit']; //时间周期(秒)
        $iplimit = $conf['chat_iplimit']; //相同IP在1个时间周期内限制发言的次数
        $timelimits=date("Y-m-d H:i:s",TIMESTAMP-$timelimit);
        $ipcount=$DB->count("SELECT count(*) FROM authguao_chat WHERE `date`>'".$timelimits."' and `ip`='".$clientip."' ");
        if($ipcount>=$iplimit) {
            exit('{"code":-1,"msg":"你的发言速度太快了，请休息一下稍后重试。"}');
        }
    }
    if ($conf['chat_sensitive_open'] == 1) {
        $b = explode(",",$conf['chat_sensitive']);
        for ($a = 0;$a < count($b);$a++) {
        $c = substr_count($con, $b[$a]);
        if ($c > 0) {
            $info = $c;
            break;
            }
        }
        if ($info > 0) {
            exit('{"code":-1,"msg":"对不起，您的聊天内容含有敏感词汇！"}');
        }
    }
    $timerow=$DB->get_row("select * from authguao_chat where 1 order by id desc limit 1");
    $sql = "INSERT INTO `authguao_chat`(`uid`, `user`, `qq`, `content`, `date`, `time`, `time2`, `ip`) VALUES ('".$userrow['uid']."','".$userrow['user']."','".$userrow['qq']."','".$con."','".$date."','".TIMESTAMP."','".$timerow['time']."','".$clientip."')";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"发言成功！"}');
    } else {
        exit('{"code":-1,"msg":"发言失败！' . $DB->error().'"}');
    }
break;
case 'uploadchatimg':
    if($conf['chat_open']!=1)exit('{"code":-1,"msg":"聊天室正在维护更新，敬请期待！"}');
    if($islogin2!=1)exit('{"code":-1,"msg":"请登录后在发言！"}');
    if($_POST['do']=='upload'){
        $filename = $_FILES['file']['name'];
        $ext = substr($filename, strripos($filename, '.') + 1);
        $arr = array('png', 'jpg', 'gif', 'jpeg', 'webp', 'bmp');
        if (!in_array($ext , $arr)) {
            exit('{"code":-1,"msg":"只支持上传图片文件"}');
        }
        $filename = md5_file($_FILES['file']['tmp_name']).'.png';
        $fileurl = '../assets/img/chat/'.$filename;
        if ($conf['chat_limit_open'] == 1 && $conf['chat_timelimit'] && $conf['chat_iplimit']) {
            /****发言限制设定****/
            $timelimit = $conf['chat_timelimit']; //时间周期(秒)
            $iplimit = $conf['chat_iplimit']; //相同IP在1个时间周期内限制发言的次数
            $timelimits=date("Y-m-d H:i:s",TIMESTAMP-$timelimit);
            $ipcount=$DB->count("SELECT count(*) FROM authguao_chat WHERE `date`>'".$timelimits."' and `ip`='".$clientip."' ");
            if($ipcount>=$iplimit) {
                exit('{"code":-1,"msg":"你的发言速度太快了，请休息一下稍后重试。"}');
            }
        }
        $con = '[img]'.$fileurl.'[/img]';
        $timerow=$DB->get_row("select * from authguao_chat where 1 order by id desc limit 1");
        $sql = "INSERT INTO `authguao_chat`(`uid`, `user`, `qq`, `content`, `date`, `time`, `time2`, `ip`) VALUES ('".$userrow['uid']."','".$userrow['user']."','".$userrow['qq']."','".$con."','".$date."','".TIMESTAMP."','".$timerow['time']."','".$clientip."')";
        if(copy($_FILES['file']['tmp_name'], ROOT.'assets/img/chat/'.$filename) && $DB->query($sql)){
            exit('{"code":0,"msg":"succ"}');
        }else{
            exit('{"code":-1,"msg":"发图失败，请确保有本地写入权限' . $DB->error().'"}');
        }
    }
    exit('{"code":-1,"msg":"null"}');
break;
case 'download_get':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该授权记录不存在！"}');
    }
    $program = $DB->get_row("select * from authguao_program where id='" . $row['proid'] . "' limit 1");
    if(!$program){
        exit('{"code":-1,"msg":"该授权的程序不存在！"}');
    }
    $installer='download.php?my=installer&proid='.$row['proid'].'&authcode='.$row['authcode'].'&sign='.$row['sign'].'&r='.TIMESTAMP;
    $updater='download.php?my=updater&proid='.$row['proid'].'&authcode='.$row['authcode'].'&sign='.$row['sign'].'&r='.TIMESTAMP;
    $result=array('code'=>0,'msg'=>'succ','qq'=>$row['qq'],'installer'=>$installer,'updater'=>$updater);
    exit(json_encode($result));
break;
case 'downfile':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $proid = intval($_POST['proid']);
    $qq = daddslashes($_POST['qq']);
    if(!$proid){
        exit('{"code":-1,"msg":"请选择程序！"}');
    }
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    if (!$program) {
        exit('{"code":-1,"msg":"该程序不存在！"}');
    }
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE proid='{$proid}' and qq='{$qq}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该程序中不存在该QQ的授权记录！"}');
    }
    $installer='download.php?my=installer&proid='.$proid.'&authcode='.$row['authcode'].'&sign='.$row['sign'].'&r='.TIMESTAMP;
    $updater='download.php?my=updater&proid='.$proid.'&authcode='.$row['authcode'].'&sign='.$row['sign'].'&r='.TIMESTAMP;
    $result=array('code'=>0,'msg'=>'succ','name'=>$program['name'],'qq'=>$qq,'authcode'=>$row['authcode'],'sign'=>$row['sign'],'installer'=>$installer,'updater'=>$updater);
    exit(json_encode($result));
break;
case 'siteedit':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该授权记录不存在！"}');
    }
    if($row['uid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"无法编辑他人授权！"}');
    }
    $name=daddslashes($_POST['name']);
    $qq=daddslashes($_POST['qq']);
    $url=daddslashes($_POST['url']);
    $authcode=daddslashes($_POST['authcode']);
    $sign=daddslashes($_POST['sign']);
    $active=intval($_POST['active']);
    $ip=daddslashes($_POST['ip']);
    if(!$name or !$qq or !$url or !$authcode or !$sign){
        exit('{"code":-1,"msg":"请确保各项都不为空！"}');
    }
    if(strlen($authcode)!=32){
        exit('{"code":-1,"msg":"授权码格式错误！"}');
    }
    if ($row['qq'] != $qq) {
        $rows=$DB->get_row("SELECT * FROM authguao_site WHERE proid='{$row['proid']}' and qq='{$qq}' limit 1");
        if($program && $rows && $program['ipauth']==0){
            exit('{"code":-1,"msg":"该程序中已存在该QQ，请使用“添加站点”！"}');
        }
    }
    if ($row['url'] != $url) {
        $rowss=$DB->get_row("SELECT * FROM authguao_site WHERE proid='{$row['proid']}' and url='{$url}' limit 1");
        if($program && $rowss){
            exit('{"code":-1,"msg":"该程序中已存在该授权域名！"}');
        }
    }
    $sql="update `authguao_site` set `name` ='{$name}',`qq` ='{$qq}',`url` ='{$url}',`authcode` ='{$authcode}',`sign` ='{$sign}',`active` ='{$active}',`ip` ='{$ip}' where `id`='{$id}'";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"编辑成功！"}');
    } else {
        exit('{"code":-1,"msg":"编辑失败！' . $DB->error().'"}');
    }
break;
case 'site_active':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该授权记录不存在！"}');
    }
    if($row['uid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"无法操作他人授权！"}');
    }
    $active = $row['active'] == 1 ? 0 : 1;
    $DB->query("update authguao_site set active='$active' where id='{$id}'");
    exit('{"code":0,"msg":"succ"}');
break;
case 'user_active':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $uid=intval($_GET['uid']);
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该用户记录不存在！"}');
    }
    if($row['upuid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"无法操作他人下级！"}');
    }
    $status = $row['status'] == 1 ? 0 : 1;
    $DB->query("update authguao_user set status='$status' where uid='{$uid}'");
    exit('{"code":0,"msg":"succ"}');
break;
case 'add_face':
    if($conf['chat_open']!=1)exit('{"code":-1,"msg":"聊天室正在维护更新，敬请期待！"}');
    if($islogin2!=1)exit('{"code":-1,"msg":"请登录后在发言！"}');
    $face=addslashes($_POST['face']);
    $faces=$DB->get_row("select * from authguao_face where face='".$face."' limit 1");
    if ($faces) {
        exit('{"code":-1,"msg":"该表情已存在！"}');
    }
    $sql = "INSERT INTO `authguao_face`(`uid`, `face`, `date`, `ip`) VALUES ('".$userrow['uid']."','".$face."','".$date."','".$clientip."')";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"添加表情成功！"}');
    } else {
        exit('{"code":-1,"msg":"添加表情失败！' . $DB->error().'"}');
    }
break;
case 'send_face':
    if($conf['chat_open']!=1)exit('{"code":-1,"msg":"聊天室正在维护更新，敬请期待！"}');
    if($islogin2!=1)exit('{"code":-1,"msg":"请登录后在发言！"}');
    $face=addslashes($_POST['face']);
    $con = '[img]'.$face.'[/img]';
    if ($conf['chat_limit_open'] == 1 && $conf['chat_timelimit'] && $conf['chat_iplimit']) {
        /****发言限制设定****/
        $timelimit = $conf['chat_timelimit']; //时间周期(秒)
        $iplimit = $conf['chat_iplimit']; //相同IP在1个时间周期内限制发言的次数
        $timelimits=date("Y-m-d H:i:s",TIMESTAMP-$timelimit);
        $ipcount=$DB->count("SELECT count(*) FROM authguao_chat WHERE `date`>'".$timelimits."' and `ip`='".$clientip."' ");
        if($ipcount>=$iplimit) {
            exit('{"code":-1,"msg":"你的发言速度太快了，请休息一下稍后重试。"}');
        }
    }
    $timerow=$DB->get_row("select * from authguao_chat where 1 order by id desc limit 1");
    $sql = "INSERT INTO `authguao_chat`(`uid`, `user`, `qq`, `content`, `date`, `time`, `time2`, `ip`) VALUES ('".$userrow['uid']."','".$userrow['user']."','".$userrow['qq']."','".$con."','".$date."','".TIMESTAMP."','".$timerow['time']."','".$clientip."')";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"发送表情成功！"}');
    } else {
        exit('{"code":-1,"msg":"发送表情失败！' . $DB->error().'"}');
    }
break;
case 'face_list':
    if($conf['chat_open']!=1)exit('{"code":-1,"msg":"聊天室正在维护更新，敬请期待！"}');
    if($islogin2!=1)exit('{"code":-1,"msg":"请登录后在发言！"}');
    $count = $DB->count("select count(*) from authguao_face where uid=".$userrow['uid']."");
    if($count==0)exit('{"code":-1,"msg":"您还没有添加表情包呢"}');
    $rs=$DB->query("SELECT * FROM authguao_face WHERE uid=".$userrow['uid']." order by id desc");
    while($res = $DB->fetch($rs))
    {
        $data.='<img src="'.$res['face'].'" style="height: 120px;width: 120px" class="img-rounded img-circle img-thumbnail" onclick="send_face(\''.$res['face'].'\')">';
    }
    $result=array("code"=>0,"msg"=>"succ","face_list"=>$data);
    exit(json_encode($result));
break;
case 'addver':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $title=daddslashes($_POST['title']);
    $url=daddslashes($_POST['url']);
    $colour=daddslashes($_POST['colour']);
    if(!$title or !$url){
        exit('{"code":-1,"msg":"广告标题.跳转地址.不能为空！"}');
    }
    $row=$DB->get_row("SELECT * FROM authguao_adver WHERE title='$title' and url='$url' limit 1");
    if($row){
        exit('{"code":-1,"msg":"该广告信息已存在！"}');
    }
    if($conf['adver_time_type']==2){
        $last=date('Y-m-d', strtotime('+'.$conf['adver_time'].' years'));
    }elseif($conf['adver_time_type']==1){
        $last=date('Y-m-d', strtotime('+'.$conf['adver_time'].' months'));
    }else{
        $last=date('Y-m-d', strtotime('+'.$conf['adver_time'].' days'));
    }
    if($conf['adver_sh']==1){
        $see=1;
        $text='';
    }else{
        $text='[请耐心等待管理员审核]';
        $see=0;
    }
    if($conf['adver_money'] && $conf['adver_money']>0){
        if ($conf['adver_money']>$userrow['rmb']) {
            exit('{"code":-1,"msg":"您的不可提现余额不足，购买失败！"}');
        }
    }
    if($DB->query("insert into `authguao_adver` (`title`,`url`,`colour`,`date`,`daili`,`last`,`active`,`see`) values ('".$title."','".$url."','".$colour."','".$date."','".$userrow['uid']."','".$last."','1','".$see."')")){
        if($conf['adver_money'] && $conf['adver_money']>0){
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$conf['money']} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '消费', '购买广告位扣除'.$money.'元');
        }
        exit('{"code":0,"msg":"购买广告位成功！'.$text.'"}');
    }else{
        exit('{"code":-1,"msg":"购买广告位失败！'.$DB->error().'"}');
    }
break;
case 'adduser':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $power=intval($_POST['power']);
    $proid=intval($_POST['proid']);
    if($userrow['power']>0){
    $user=daddslashes($_POST['user']);
    $pwd=daddslashes($_POST['pwd']);
    $qq=daddslashes($_POST['qq']);
    }
    if($power>0 && $power<3){
        if(!$proid){
            exit('{"code":-1,"msg":"请选择您用户的授权主程序！"}');
        }
        $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
        if (!$program) {
            exit('{"code":-1,"msg":"该程序不存在！"}');
        }
    }
    if ($power == 3) {
        $power_name = '全能管理员';
    } else if ($power == 2) {
        $power_name = '超级管理员';
    } else if ($power == 1) {
        $power_name = '授权商';
    } else {
        $power_name = '普通用户';
    }
    if($power==3){
        $proid='';
    }
    if ($userrow['power'] < 3) {
        if ($power == 3) {
            $money=$conf['qnprice'];
        }elseif ($power == 2) {
            $money=$program['cgprice'];
        }elseif ($power == 1) {
            if ($userrow['power'] == 2) {
                $money=$program['sqsprice2'];
            }else{
                $money=$program['sqsprice'];
            }
        }
    }
    if($userrow['power']==0){
    if ($money>$userrow['rmb']) {
        exit('{"code":-1,"msg":"您的不可提现余额不足，开通失败！"}');
    } else {
        $sql = "update `authguao_user` set `power`='{$power}',`proid`='{$proid}' where `uid`='{$userrow['uid']}'";
        if ($DB->query($sql)) {
            if($money>0){
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '消费', '开通权限：'.$power_name.'扣除'.$money.'元');
            }
            exit('{"code":0,"msg":"开通'.$power_name.'成功！"}');
        } else {
            exit('{"code":-1,"msg":"开通'.$power_name.'失败！' . $DB->error().'"}');
        }
    }
    }else{
    if ($userrow['power'] < 3) {
    if ($money>$userrow['rmb']) {
        exit('{"code":-1,"msg":"您的不可提现余额不足，开通失败！"}');
    }
    }
    if (!$user or !$pwd or !$qq) {
        exit('{"code":-1,"msg":"请确保各项都不为空！"}');
    } else {
        $rows = $DB->get_row("select * from authguao_user where user='" . $user . "' limit 1");
        if ($rows) {
            exit('{"code":-1,"msg":"该用户名已存在！"}');
        }
        $qqrow = $DB->get_row("select * from authguao_user where qq='" . $qq . "' limit 1");
        if ($qqrow) {
            exit('{"code":-1,"msg":"该QQ账号已存在！"}');
        }
        $sql = "insert into `authguao_user` (`upuid`,`power`,`proid`,`user`,`pwd`,`rmb`,`qq`,`invitecode`,`addtime`,`status`) values ('".$userrow['uid']."','" . $power . "','" . $proid . "','" . $user . "','" . $pwd . "','" . $rmb . "','" . $qq . "','" . random(8) . "','" . $date . "','1')";
        if ($DB->query($sql)) {
            if($money>0){
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '消费', '添加'.$power_name.'扣除'.$money.'元');
            }
            exit('{"code":0,"msg":"添加'.$power_name.'成功！"}');
        } else {
            exit('{"code":-1,"msg":"添加'.$power_name.'失败！' . $DB->error().'"}');
        }
    }
    }
break;
case 'useredit':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $uid=intval($_GET['uid']);
    $row=$DB->get_row("SELECT * FROM authguao_user WHERE uid='{$uid}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该用户记录不存在！"}');
    }
    if($row['upuid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"该用户不是你的下级哦！"}');
    }
    if (!empty(daddslashes($_POST['pwd']))) {
        $sql = "`pwd`='".daddslashes($_POST['pwd'])."',";
    }
    $status=intval($_POST['status']);
    $sql="update `authguao_user` set {$sql}`status` ='{$status}' where `uid`='{$uid}'";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"编辑成功！"}');
    } else {
        exit('{"code":-1,"msg":"编辑失败！' . $DB->error().'"}');
    }
break;
case 'adveredit':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_adver WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该广告信息不存在！"}');
    }
    if($row['daili']!=$userrow['uid']){
        exit('{"code":-1,"msg":"该广告位不是你的哦！"}');
    }
    $title=daddslashes($_POST['title']);
    $url=daddslashes($_POST['url']);
    $colour=daddslashes($_POST['colour']);
    $active=intval($_POST['active']);
    if(!$title or !$url){
        exit('{"code":-1,"msg":"广告标题.跳转地址.不能为空！"}');
    }
    if ($row['title'] != $title && $row['url'] != $url) {
        $rows=$DB->get_row("SELECT * FROM authguao_adver WHERE title='$title' and url='$url' limit 1");
        if($rows){
            exit('{"code":-1,"msg":"该广告信息已存在！"}');
        }
    }
    if($DB->query("UPDATE authguao_adver set title='{$title}',url='{$url}',colour='{$colour}',active='{$active}' WHERE id='{$id}'")){
        exit('{"code":0,"msg":"编辑广告位成功！"}');
    }else{
        exit('{"code":-1,"msg":"编辑广告位失败！'.$DB->error().'"}');
    }
break;
case 'chat_site':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $uid=intval($_GET['uid']);
    if($uid==1){
        if($conf['admin_qq']){
            $qq=$conf['admin_qq'];
        }else{
            $qq=$conf['kfqq'];
        }
        $user=$conf['admin_user'];
        $power='<li class="list-group-item">权限：<font color="orange">平台站长</font></li>';
    }else{
        $row=$DB->get_row("select * from authguao_user where uid='".$uid."' limit 1");
        if(!$row){
            exit('{"code":-1,"msg":"当前用户不存在！"}');
        }
        $qq=$row['qq'];
        $user=$row['user'];
        if($row['power']==3){
            $power='<li class="list-group-item">权限：<font color="green">全能管理员</font></li>';
        }elseif($row['power']==2){
            $program=$DB->get_row("select * from authguao_program where id='".$row['proid']."' limit 1");
            $power='<li class="list-group-item">权限：<font color="purple">超级管理员</font></li><li class="list-group-item">权限所属程序：'.$program['name'].'</li>';
        }elseif($row['power']==1){
            $program=$DB->get_row("select * from authguao_program where id='".$row['proid']."' limit 1");
            $power='<li class="list-group-item">权限：<font color="blue">授权商</font></li><li class="list-group-item">权限所属程序：'.$program['name'].'</li>';
        }else{
            $power='<li class="list-group-item">权限：<font color="red">普通用户</font></li>';
        }
    }
    $data = '<center><li class="list-group-item"><img src="//q4.qlogo.cn/headimg_dl?dst_uin='.$qq.'&spec=100" alt="Avatar" width="60" height="60" style="border:1px solid #FFF;-moz-box-shadow:0 0 3px #AAA;-webkit-box-shadow:0 0 3px #AAA;border-radius: 50%;box-shadow:0 0 3px #AAA;padding:3px;margin-right: 3px;margin-left: 6px;"><br/>昵称：'.qqname($qq).'</li></center><li class="list-group-item">代理ID：'.$uid.'</li><li class="list-group-item">用户名：'.$user.'</li><li class="list-group-item">QQ：'.$qq.'</li>'.$power;
    $result=array("code"=>0,"msg"=>"succ","data"=>$data,"user"=>$user);
    exit(json_encode($result));
break;
case 'addjkk':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $money = daddslashes($_POST['money']);
    $num = daddslashes($_POST['num']);
    if ($num>100) {
        exit('{"code":-1,"msg":"一次性最多只能生成100张卡密！"}');
    }
    if($money<=0 || !is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"金额输入不规范！"}');
    }
    if (!$num) {
        exit('{"code":-1,"msg":"请确保各项都不为空！"}');
    }
    $moneys=$money*$num;
    if ($moneys>$userrow['rmb']) {
        $moneyss=$moneys-$userrow['rmb'];
        exit('{"code":-1,"msg":"您的不可提现余额不足，本次生成加款卡卡密需要'.$moneys.'元，还差'.$moneyss.'元，倘若可提现余额有钱可先转换余额！"}');
    }
    for ($i = 0; $i < $num; $i++) {
        $km=random(15);
        $DB->query("insert into `authguao_jkklist` (`uid`,`km`,`money`,`addtime`) values ('".$userrow['uid']."','".$km."','".$money."','".$date."')");
    }
    $DB->query("update authguao_user set rmb=rmb-{$moneys} where uid='{$userrow['uid']}'");
    addPointRecord($userrow['uid'], $moneys, '消费', '您今天生成'.$num.'张加款卡，扣除'.$moneys.'元余额');
    exit('{"code":0,"msg":"生成加款卡成功！"}');
break;
case 'addsite':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if ($userrow['power']==0 || $userrow['power']==3) {
        $proid = intval($_POST['proid']);
    }else{
        $proid = intval($userrow['proid']);
    }
    $name = addslashes($_POST['name']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $qqrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and qq='".$qq."' limit 1");
    $urlrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and url='".$url."' limit 1");
    if(!$urlrow){
        $urlrow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and url='*.".get_host($url)."' limit 1");
    }
    if ($userrow['power']==0 || $userrow['power']==3) {
        if (!$proid) {
            $result=array("code"=>-1,"msg"=>'请选择授权的程序！');
            exit(json_encode($result));
        }
    }
    if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$name) {
        $result=array("code"=>-1,"msg"=>'请输入授权的站点名称！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入授权的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入授权的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
    } else if ($urlrow) {
        $result=array("code"=>-1,"msg"=>'此域名，该程序中已存在！');
    } else {
        if ($userrow['power'] < 3) {
            if ($userrow['power'] == 2) {
                $money=$program['sqprice3'];
            }elseif ($userrow['power'] == 1) {
                $money=$program['sqprice2'];
            }else{
                $money=$program['sqprice'];
            }
            if ($userrow['rmb'] < $money) {
                $result=array("code"=>-1,"msg"=>'账户余额不足，购买程序：'.$program['name'].'的授权还差' . ($money - $userrow['rmb']) . '元');
                exit(json_encode($result));
            }
        }
        if ($qqrow && $program['ipauth'] == 0) {
            $sign = $qqrow['sign'];
            $authcode = $qqrow['authcode'];
        } else {
            $signrow = $DB->get_row("SELECT * FROM authguao_site WHERE 1 order by sign desc limit 1");
            $sign = $signrow['sign']+1;
            $authcode = md5(random(32).$qq);
        }
        if($conf['auth_time_type']==2){
            $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' years'));
        }elseif($conf['auth_time_type']==1){
            $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' months'));
        }else{
            $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' days'));
        }
        $sql="insert into `authguao_site` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`authcode`,`active`,`sign`,`token`,`endtime`) values ('".$userrow['uid']."','".$proid."','".$name."','".$qq."','".$url."','".$date."','".$authcode."','1','".$sign."','".random(32)."','".$endtime."')";
        if ($DB->query($sql)) {
            if ($userrow['power'] < 3) {
                $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
                addPointRecord($userrow['uid'], $money, '消费', '添加程序：'.$program['name'].'的授权，扣除'.$money.'元！剩余'.($userrow['rmb']-$money).'元');
            }
            $result = array("code"=>0,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">开通成功</font>');
        } else {
            $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">开通失败</font>'.$DB->error());
        }
    }
    exit(json_encode($result));
break;
case 'addshop':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $type = intval($_POST['type']);
    $name = daddslashes($_POST['name']);
    $money = daddslashes($_POST['money']);
    $image = daddslashes($_POST['image']);
    $updatelog = daddslashes($_POST['updatelog']);
    $filedata = daddslashes($_POST['filedata']);
    $proid = intval($_POST['proid']);
    $system_name = daddslashes($_POST['system_name']);
    $recommend = daddslashes($_POST['recommend']);
    if($money<0 || $money>1000){
        exit('{"code":-1,"msg":"最多不可超过1000和低于0！"}');
    }
    if(!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"价格输入不规范！"}');
    }
    if (!$name or !$image or !$updatelog or !$filedata or !$recommend) {
        exit('{"code":-1,"msg":"请确保各项都不为空"}');
    }
    if(!$proid){
        exit('{"code":-1,"msg":"请选择商品适应的程序！"}');
    }
    if ($proid != 999999999) {
        $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
        if (!$program) {
            exit('{"code":-1,"msg":"该程序不存在！"}');
        }
    } else {
        if (!$system_name) {
            exit('{"code":-1,"msg":"请确保程序名称不为空"}');
        }
    }
    $row = $DB->get_row("select * from authguao_shop where name='" . $name . "' limit 1");
    if ($row) {
        exit('{"code":-1,"msg":"该商品已存在！"}');
    }
    $sql = "insert into `authguao_shop` (`uid`,`type`,`name`,`money`,`tcbl`,`image`,`updatelog`,`filedata`,`proid`,`system_name`,`recommend`,`version`,`active`,`rzdate`,`sjdate`) values ('".$userrow['uid']."','" . $type . "','" . $name . "','" . $money . "','" . $conf['shop_tcbl'] . "','" . $image . "','" . $updatelog . "','" . $filedata . "','" . $proid . "','" . $system_name . "','" . $recommend . "','1.00','0','" . $date . "','" . $date . "')";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"商品['.$name.']上架成功，感谢您的支持！"}');
    } else {
        exit('{"code":-1,"msg":"商品['.$name.']上架失败！' . $DB->error().'"}');
    }
break;
case 'shopedit':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $filedata = daddslashes($_POST['filedata']);
    $money = daddslashes($_POST['money']);
    $image = daddslashes($_POST['image']);
    $version = daddslashes($_POST['version']);
    $updatelog = daddslashes($_POST['updatelog']);
    $recommend = daddslashes($_POST['recommend']);
    if($money<0 || $money>1000){
        exit('{"code":-1,"msg":"最多不可超过1000和低于0！"}');
    }
    if(!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"价格输入不规范！"}');
    }
    if (!$filedata or !$image or !$version or !$updatelog or !$recommend) {
        exit('{"code":-1,"msg":"请确保各项都不为空"}');
    }
    $sql="update `authguao_shop` set `money` ='{$money}',`image` ='{$image}',`updatelog` ='{$updatelog}',`filedata` ='{$filedata}',`recommend` ='{$recommend}',`version` ='{$version}' where `id`='{$id}'";
    if ($DB->query($sql)) {
        exit('{"code":0,"msg":"编辑成功！"}');
    } else {
        exit('{"code":-1,"msg":"编辑失败！' . $DB->error().'"}');
    }
break;
case 'siteedit':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_site WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该授权记录不存在！"}');
    }
    $proid=intval($_POST['proid']);
    $name=daddslashes($_POST['name']);
    $qq=daddslashes($_POST['qq']);
    $url=daddslashes($_POST['url']);
    $authcode=daddslashes($_POST['authcode']);
    $sign=daddslashes($_POST['sign']);
    $active=intval($_POST['active']);
    $ip=daddslashes($_POST['ip']);
    if(!$proid){
        exit('{"code":-1,"msg":"请选择您要授权的程序！"}');
    }
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    if (!$program) {
        exit('{"code":-1,"msg":"该程序不存在！"}');
    }
    if(!$name or !$qq or !$url or !$authcode or !$sign){
        exit('{"code":-1,"msg":"请确保各项都不为空！"}');
    }
    if(strlen($authcode)!=32){
        exit('{"code":-1,"msg":"授权码格式错误！"}');
    }
    if ($row['proid'] != $proid && $row['qq'] != $qq) {
        $rows=$DB->get_row("SELECT * FROM authguao_site WHERE proid='{$proid}' and qq='{$qq}' limit 1");
        if($program && $rows && $program['ipauth']==0){
            exit('{"code":-1,"msg":"该程序中已存在该QQ，请使用“添加站点”！"}');
        }
    }
    if ($row['proid'] != $proid && $row['url'] != $url) {
        $rowss=$DB->get_row("SELECT * FROM authguao_site WHERE proid='{$proid}' and url='{$url}' limit 1");
        if(!$rowss){
            $rowss = $DB->get_row("SELECT * FROM authguao_site WHERE proid='$proid' and url='*.".get_host($url)."' limit 1");
        }
        if($program && $rowss){
            exit('{"code":-1,"msg":"该程序中已存在该授权域名！"}');
        }
    }
    $sql="update `authguao_site` set `proid` ='{$proid}',`name` ='{$name}',`qq` ='{$qq}',`url` ='{$url}',`authcode` ='{$authcode}',`sign` ='{$sign}',`active` ='{$active}',`ip` ='{$ip}' where `id`='{$id}'";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"编辑成功！"}');
    } else {
        exit('{"code":-1,"msg":"编辑失败！' . $DB->error().'"}');
    }
break;
case 'qiandao':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['qiandao_open']!=1)exit('{"code":-1,"msg":"当前站点未开启签到功能"}');
    $day = date("Y-m-d");
    $lastday = date("Y-m-d",strtotime("-1 day"));
    if ($DB->get_row("SELECT * FROM authguao_qiandao WHERE uid='{$userrow['uid']}' and date='$day' order by id desc limit 1")) {
        exit('{"code":-1,"msg":"今天已经签到过了, 明天在来吧！"}');
    }
    if ($row = $DB->get_row("SELECT * FROM authguao_qiandao WHERE uid='{$userrow['uid']}' and date='$lastday' order by id desc limit 1")) {
        $continue = $row['continue']+1;
    }else{
        $continue = 1;
    }
    $reward = round($conf['qiandao_min'] + mt_rand() / mt_getrandmax() * ($conf['qiandao_max'] - $conf['qiandao_min']), 2);
    if($reward==0){
        $text='运气有点呗哦，没有获得现金奖励，明日再接再来哦！';
    }elseif($reward==$conf['qiandao_money']){
        $text='运气有点呗哦，没有获得现金奖励，明日再接再来哦！';
    }elseif($reward>$conf['qiandao_money']){
        $text='哇，运气爆表了，获得'.$reward.'元现金奖励！';
    }elseif($reward<$conf['qiandao_money']){
        $text='不用灰心哦，明日再接再厉，获得'.$reward.'元现金奖励！';
    }else{
        $text='签到成功，获得'.$reward.'元现金奖励！';
    }
    $money = round($reward - $conf['qiandao_money'], 2);
    $sql="insert into `authguao_qiandao` (`uid`,`qq`,`reward`,`date`,`time`,`continue`) values ('".$userrow['uid']."','".$userrow['qq']."','".$reward."','".$day."','".$date."','".$continue."')";
    if($DB->query($sql)){
        if ($money>0){
            $DB->query("update authguao_user set rmb=rmb+{$money} where uid='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '赠送', '您今天签到获得了'.$money.'元奖励[扣除签到费用'.$conf['qiandao_money'].'元]');
        }
        $result = array('code'=>0, 'msg'=>$text);
    }else{
        $result = array('code'=>-1, 'msg'=>'签到失败'.$DB->error());
    }
    exit(json_encode($result));
break;
case 'qdcount':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $day=date("Y-m-d");
    $lastday = date("Y-m-d",strtotime("-1 day"));
    $count1=$DB->count("SELECT count(*) FROM authguao_qiandao WHERE date='$day'");
    $count2=$DB->count("SELECT count(*) FROM authguao_qiandao WHERE date='$lastday'");
    $count3=$DB->count("SELECT count(*) FROM authguao_qiandao");
    $rewardcount=$DB->count("SELECT sum(reward) FROM authguao_qiandao WHERE uid='{$userrow['uid']}'");
    $result=array("count1"=>$count1,"count2"=>$count2,"count3"=>$count3,"rewardcount"=>round($rewardcount,2));
    exit(json_encode($result));
break;
case 'msg':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($userrow['power']==3){
        $type = '0,2,3';
    }elseif($userrow['power']==2){
        $type = '0,2,4';
        $types = '6';
    }elseif($userrow['power']==1){
        $type = '0,2,5';
        $types = '7';
    }else{
        $type = '0,1';
    }
    $msgread = trim($userrow['msgread'],',');
    if(empty($msgread))$msgread='0';
    $counts=$DB->count("SELECT count(*) FROM authguao_message WHERE id NOT IN ($msgread) and type IN ($type)");
    if($userrow['power']==0 || $userrow['power']==3){
        $count=$counts;
    }else{
        $countss=$DB->count("SELECT count(*) FROM authguao_message WHERE id NOT IN ($msgread) and type='{$type}' and proid='{$userrow['proid']}'");
        $count=$counts+$countss;
    }
    $count2=$DB->count("SELECT count(*) FROM authguao_workorder WHERE uid='{$userrow['uid']}' AND status=1");
    exit('{"code":0,"count":'.$count.',"count2":'.$count2.'}');
break;
case 'upcheck_money':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_uppower_open']!=1)exit('{"code":-1,"msg":"未开启自助升级权限功能"}');
    $power=intval($_POST['power']);
    if($power==2){
    $program=$DB->get_row("select * from authguao_program where id='{$userrow['proid']}' limit 1");
    if(!$program)
        exit('{"code":-1,"msg":"归属程序不存在！"}');
    $need=$program['cgprice'];
    }elseif($power==3){
    $need=$conf['qnprice'];
    }else{
    $need='无法获取价格';
    }
    $result=array("code"=>0,"msg"=>"succ","need"=>$need);
    exit(json_encode($result));
break;
case 'recharge':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $value=daddslashes($_GET['value']);
    $trade_no=date("YmdHis").rand(111,999);
    if($value<$conf['recharge_min'])exit('{"code":-1,"msg":"最低充值'.$conf['recharge_min'].'元！"}');
    if($value>$conf['recharge_max'])exit('{"code":-1,"msg":"最高充值'.$conf['recharge_max'].'元！"}');
    if(!is_numeric($value) || !preg_match('/^[0-9.]+$/', $value))exit('{"code":-1,"msg":"提交参数错误！"}');
    $sql="insert into `authguao_pay` (`trade_no`,`type`,`input`,`name`,`money`,`ip`,`addtime`,`status`) values ('".$trade_no."','1','".$userrow['uid']."','在线充值余额','".$value."','".$clientip."','".$date."','0')";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"提交订单成功！","trade_no":"'.$trade_no.'","money":"'.$value.'","name":"在线充值余额"}');
    }else{
        exit('{"code":-1,"msg":"提交订单失败！'.$DB->error().'"}');
    }
break;
case 'tixian':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_tixian']!=1)exit('{"code":-1,"msg":"未开启余额提现功能"}');
    if(isset($_POST['money'])) {
        $type=intval(strip_tags($_POST['type']));
        $name=daddslashes(strip_tags($_POST['name']));
        $account=daddslashes(strip_tags($_POST['account']));
        $remarks=daddslashes(strip_tags($_POST['remarks']));
        $money=daddslashes(strip_tags($_POST['money']));
        if(!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
            exit('{"code":-1,"msg":"提现金额输入不规范！"}');
        }
        $realmoney = round($money*$conf['tixian_rate']/100,2);
        if($conf['user_skimg']==1 && !file_exists(ROOT.'assets/img/skimg/sk_'.$userrow['uid'].'.png')){
            exit('{"code":1,"msg":"您还未上传收款图！"}');
        }elseif(empty($account) || empty($name)){
            exit('{"code":-1,"msg":"您还填写收款账号！"}');
        }
        if($money>$userrow['rmb_tc'] || $money<=0){
            exit('{"code":-1,"msg":"所输入的提现金额大于你所拥有的可提现余额！"}');
        }
        if($money<$conf['tixian_min']){
            exit('{"code":-1,"msg":"单笔提现金额不能低于'.$conf['tixian_min'].'元！"}');
        }
        if($money>$conf['tixian_max']){
            exit('{"code":-1,"msg":"单笔提现金额不能高于'.$conf['tixian_max'].'元！"}');
        }
        $sds=$DB->query("INSERT INTO `authguao_tixian` (`uid`, `money`, `realmoney`, `type`, `account`, `name`, `remarks`, `status`, `addtime`) VALUES ('".$userrow['uid']."', '".$money."', '".$realmoney."', '".$type."', '".$account."', '".$name."', '".$remarks."', '0', '".$date."')");
        if($sds){
            $DB->query("update authguao_user set rmb=rmb-{$money} where uid='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '提现', '站点余额提现'.$money.'元');
            exit('{"code":0,"msg":"提现操作成功，本次实际到账金额:'.$realmoney.'元，请等待管理员人工转账！"}');
        }else{
            exit('{"code":-1,"msg":"提现失败！"}');
        }
    }
break;
case 'uploadimg':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['workorder_pic']!=1)exit('{"code":-1,"msg":"未开启上传图片功能"}');
    if($_POST['do']=='upload'){
        $filename = $_FILES['file']['name'];
        $ext = substr($filename, strripos($filename, '.') + 1);
        $arr = array('png', 'jpg', 'gif', 'jpeg', 'webp', 'bmp');
        if (!in_array($ext , $arr)) {
            exit('{"code":-1,"msg":"只支持上传图片文件"}');
        }
        $filename = md5_file($_FILES['file']['tmp_name']).'.png';
        $fileurl = 'assets/img/workorder/'.$filename;
        if(copy($_FILES['file']['tmp_name'], ROOT.$fileurl)){
            exit('{"code":0,"msg":"succ","url":"'.$fileurl.'"}');
        }else{
            exit('{"code":-1,"msg":"上传失败，请确保有本地写入权限"}');
        }
    }
    exit('{"code":-1,"msg":"null"}');
break;
case 'uploadskimg':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($_POST['do']=='skimg'){
        $skimgurl = 'assets/img/skimg/sk_'.$userrow['uid'].'.png';
        if (file_exists(ROOT . $skimgurl)) {
            unlink(ROOT . $skimgurl); //删除历史文件
        }
        $filename = $_FILES['shoukuan']['name'];
        $ext = substr($filename, strripos($filename, '.') + 1);
        $arr = array('png', 'jpg', 'gif', 'jpeg', 'webp', 'bmp');
        if (!in_array($ext , $arr)) {
            exit('{"code":-1,"msg":"只支持上传图片文件"}');
        }
        $filename = 'sk_'.$userrow['uid'].'.png';
        $fileurl = 'assets/img/skimg/'.$filename;
        if(copy($_FILES['shoukuan']['tmp_name'], ROOT.$fileurl)){
            exit('{"code":0,"msg":"succ"}');
        }else{
            exit('{"code":-1,"msg":"上传失败，请确保有本地写入权限"}');
        }
    }
    exit('{"code":-1,"msg":"null"}');
break;
case 'usekm':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_jiakuanka']!=1)exit('{"code":-1,"msg":"未开启使用加款卡功能"}');
    $km=trim(daddslashes($_POST['km']));
    $myrow=$DB->get_row("SELECT * FROM authguao_jkklist WHERE km='$km' LIMIT 1");
    if(!$myrow){
        exit('{"code":-1,"msg":"此卡密不存在！"}');
    }elseif($myrow['status']==1){
        exit('{"code":-1,"msg":"此卡密已被使用！"}');
    }
    $money = $myrow['money'];
    if($DB->query("UPDATE `authguao_jkklist` SET `user` ='{$userrow['user']}',`lasttime` ='".$date."',`status`=1 WHERE `id`='{$myrow['id']}'")){
        $DB->query("update `authguao_user` set `rmb`=`rmb`+" . $money . " where `uid`='" . $userrow["uid"] . "'");
        addPointRecord($userrow["uid"], $money, "充值", "你使用加款卡充值了".$money."元余额");
        exit('{"code":0,"msg":"成功充值'.$money.'元余额！"}');
    }else{
        exit('{"code":-1,"msg":"充值失败'.$DB->error().'"}');
    }
break;
case 'toMoney':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_toMoney_open']!=1)exit('{"code":-1,"msg":"未开启使用余额转换功能"}');
    $money = round(daddslashes($_POST['money']),2);
    if ($money > $userrow['rmb_tc'] || $money<=0) {
        exit('{"code":-1,"msg":"您当前的可提现余额不足'.$money.'元！"}');
    } elseif (!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"金额输入不规范！"}');
    }else{
        $DB->query("update `authguao_user` set `rmb_tc`=`rmb_tc`-{$money},`rmb`=`rmb`+{$money} where `uid`='{$userrow['uid']}'");
        addPointRecord($userrow['uid'], $money, '转换', '自助申请可提现余额转入到不可提现余额'.$money.'元！剩余'.($userrow['rmb_tc']-$money).'元');
        exit('{"code":0,"msg":"'.$money.'元可提现余额转换不可提现余额成功！"}');
    }
break;
case 'zzMoney':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_zzMoney_open']!=1)exit('{"code":-1,"msg":"未开启使用余额转账功能"}');
    $type = intval($_POST['type']);
    $user = daddslashes($_POST['user']);
    $money = round(daddslashes($_POST['money']),2);
    if($type==1){
        $rmb=$userrow['rmb_tc'];
        $text='可提现余额';
    }else{
        $rmb=$userrow['rmb'];
        $text='不可提现余额';
    }
    $row=$DB->get_row("SELECT * FROM authguao_user WHERE user='$user' limit 1");
    if (!$user) {
        exit('{"code":-1,"msg":"对方账号不能为空！"}');
    } elseif (!$row) {
        exit('{"code":-1,"msg":"用户不存在！"}');
    } elseif ($user==$userrow['user']) {
        exit('{"code":-1,"msg":"不能转账给自己！"}');
    } elseif ($money > $rmb || $money<=0) {
        exit('{"code":-1,"msg":"您当前的'.$text.'不足'.$money.'元！"}');
    } elseif (!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"金额输入不规范！"}');
    }else{
        if($type==1){
            $DB->query("update `authguao_user` set `rmb_tc`=`rmb_tc`-{$money} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '转账', '自助转账给用户（'.$user.'）'.$text.$money.'元！剩余'.($userrow['rmb_tc']-$money).'元');
            $DB->query("update `authguao_user` set `rmb_tc`=`rmb_tc`+{$money} where `uid`='{$row['uid']}'");
            addPointRecord($row['uid'], $money, '收款', '收到来自用户（'.$userrow['user'].'）的'.$text.'转账'.$money.'元！');
        }else{
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '转账', '自助转账给用户（'.$user.'）'.$text.$money.'元！剩余'.($userrow['rmb']-$money).'元');
            $DB->query("update `authguao_user` set `rmb`=`rmb`+{$money} where `uid`='{$row['uid']}'");
            addPointRecord($row['uid'], $money, '收款', '收到来自用户（'.$userrow['user'].'）的'.$text.'转账'.$money.'元！');
        }
        exit('{"code":0,"msg":"'.$money.'元转账成功！"}');
    }
break;
case 'uppower':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['user_uppower_open']!=1)exit('{"code":-1,"msg":"未开启自助升级权限功能"}');
    $power=intval($_POST['power']);
    $program=$DB->get_row("select * from authguao_program where id='{$userrow['proid']}' limit 1");
    if($userrow['power']==1){
    $price=$program['sqsprice'];
    }elseif($userrow['power']==2){
    $price=$program['cgprice'];
    }else{
    $price=0;
    }
    if($power==2){
    if(!$program)
        exit('{"code":-1,"msg":"归属程序不存在！"}');
    $money=$program['cgprice']-$price;
    if ($money>$userrow['rmb']) {
        $moneys=$money-$userrow['rmb'];
        exit('{"code":-1,"msg":"您的不可提现余额不足，本次升级权限需要'.$money.'元，还差'.$moneys.'元，倘若可提现余额有钱可先转换余额！"}');
    }
    $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
    $DB->query("update `authguao_user` set `power`='2',`proid`='' where `uid`='{$userrow['uid']}'");
    addPointRecord($userrow['uid'], $money, '消费', '自助升级超级管理员('.$program['name'].')，扣除'.$money.'元！剩余'.($userrow['rmb']-$money).'元');
    exit('{"code":0,"msg":"升级超级管理员('.$program['name'].')成功！"}');
    }elseif($power==3){
    $money=$conf['qnprice']-$price;
    if ($money>$userrow['rmb']) {
        $moneys=$money-$userrow['rmb'];
        exit('{"code":-1,"msg":"您的不可提现余额不足，本次升级权限需要'.$money.'元，还差'.$moneys.'元，倘若可提现余额有钱可先转换余额！"}');
    }
    $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
    $DB->query("update `authguao_user` set `power`='3',`proid`='' where `uid`='{$userrow['uid']}'");
    addPointRecord($userrow['uid'], $money, '消费', '自助升级全能管理员，扣除'.$money.'元！剩余'.($userrow['rmb']-$money).'元');
    exit('{"code":1,"msg":"升级全能管理员成功！"}');
    }else{
    exit('{"code":-1,"msg":"权限升级失败，原因：无法获取价格！"}');
    }
break;
case 'add_workorder':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $type=intval($_POST['type']);
    $content=str_replace(array('*','^','|'),'',trim(strip_tags(daddslashes($_POST['content']))));
    $picurl=strip_tags(daddslashes($_POST['picurl']));
    if (empty($content)) {
        exit('{"code":-1,"msg":"描述信息不能为空！"}');
    } else {
        $sql="INSERT INTO `authguao_workorder` (`uid`,`type`,`content`,`picurl`,`addtime`,`status`) VALUES ('".$userrow['uid']."', '".$type."', '".$content."', '".$picurl."', '".$date."', '0')";
        if($DB->query($sql)){
            if($conf['workorder_mail']==1){
                $content=mb_substr($content, 0, 16, 'utf-8');
                $sub = '用户提交工单提醒';
                $text = '<b>'.$userrow['user'].'</b>（UID:'.$userrow['uid'].'）于 '.$date.' 提交工单，请及时进入网站后台工单列表处理。<br/><b>问题类型：</b>'.display_type($type).'<br/><b>工单标题：</b>'.$content.'<br/>----------<br/>'.$_SERVER['HTTP_HOST'].'<br/>'.$date;
                $msg = youfas($sub,$text);
                $mail_name = $conf['mail_recv']?$conf['mail_recv']:$conf['mail_name'];
                send_mail($mail_name,$sub,$msg);
            }
            exit('{"code":0,"msg":"提交工单成功！请等待管理员处理。"}');
        }else{
            exit('{"code":-1,"msg":"提交工单失败！'.$DB->error().'"}');
        }
    }
break;
case 'reply_workorder':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $rows=$DB->get_row("SELECT * FROM authguao_workorder WHERE id='$id' AND uid='{$userrow['uid']}' LIMIT 1");
    if(!$rows){
        exit('{"code":-1,"msg":"当前记录不存在！"}');
    }elseif($rows['status']==2){
        exit('{"code":-1,"msg":"此工单已经结单！"}');
    }elseif($rows['status']==0){
        exit('{"code":-1,"msg":"请耐心等待客服处理！"}');
    }
    $content=str_replace(array('*','^','|'),'',trim(strip_tags(daddslashes($_POST['content']))));
    if (empty($content)) {
        exit('{"code":-1,"msg":"补充信息不能为空！"}');
    } else {
        $content = addslashes($rows['content']).'*0^'.$date.'^'.$content;
        if($DB->query("update authguao_workorder set content='{$content}',status=0 where id='{$id}'")){
            exit('{"code":0,"msg":"回复工单成功！请等待管理员处理。"}');
        }else{
            exit('{"code":-1,"msg":"回复工单失败！'.$DB->error().'"}');
        }
    }
break;
case 'complete_workorder':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $rows=$DB->get_row("SELECT * FROM authguao_workorder WHERE id='$id' AND uid='{$userrow['uid']}' LIMIT 1");
    if(!$rows){
        exit('{"code":-1,"msg":"当前记录不存在！"}');
    }elseif($rows['status']==2){
        exit('{"code":-1,"msg":"此工单已经结单！"}');
    }
    if($DB->query("UPDATE authguao_workorder SET status=2 WHERE id='{$id}'")){
        exit('{"code":0,"msg":"完结工单成功！"}');
    }else{
        exit('{"code":-1,"msg":"完结工单失败！'.$DB->error().'"}');
    }
break;
case 'delete_workorder':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $id=intval($_GET['id']);
    $sql="DELETE FROM authguao_workorder WHERE id='$id' AND uid='{$userrow['uid']}'";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"删除成功！"}');
    }else{
        exit('{"code":-1,"msg":"删除失败！'.$DB->error().'"}');
    }
break;
case 'shopdel':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $sql="DELETE FROM authguao_shop WHERE id='$id' limit 1";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"商品['.$row['name'].']已经成功删除！"}');
    } else {
        exit('{"code":-1,"msg":"商品['.$row['name'].']删除失败！' . $DB->error().'"}');
    }
break;
case 'updatelog':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_POST['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $result=array("code"=>0,"msg"=>"succ","updatelog"=>$row['updatelog']);
    exit(json_encode($result));
break;
case 'praise':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    if($conf['Market_praise_open']!=1)exit('{"code":-1,"msg":"商城点赞系统正在维护更新，敬请期待！"}');
    $id=intval($_POST['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $rows=$DB->get_row("SELECT * FROM authguao_praise WHERE tid='{$id}' and uid='{$userrow['uid']}' limit 1");
    if($rows){
        exit('{"code":-1,"msg":"每个人只能够赞一次哦~"}');
    }
    if($row['praise']==0){
        $text='点赞成功,您是第一个点赞的哦!';
    }else{
        $text='点赞成功,感谢您的支持!';
    }
    $sql = "insert into `authguao_praise` (`tid`,`uid`) values ('".$id."','" . $userrow['uid'] . "')";
    if ($DB->query($sql)) {
        $DB->query("update `authguao_shop` set `praise`=`praise`+1 where `id`='" . $id . "'");
        exit('{"code":0,"msg":"'.$text.'","count":"'.($row['praise']+1).'"}');
    } else {
        exit('{"code":-1,"msg":"点赞失败！' . $DB->error().'"}');
    }
break;
case 'store_log':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_POST['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $rows=$DB->get_row("SELECT * FROM authguao_shoplog WHERE tid='{$id}' and uid='{$userrow['uid']}' limit 1");
    if($rows){
        exit('{"code":-1,"msg":"你已购买该商品了哦~"}');
    }
    if($row['uid']==$userrow['uid']){
        exit('{"code":-1,"msg":"无法购买自己上架的商品"}');
    }
    if ($userrow['rmb'] < $row['money']){
        exit('{"code":-1,"msg":"你的余额不足，购买此商品还差' . ($row['money'] - $userrow['rmb']) . '元，请充值！"}');
    }
    $sql = "insert into `authguao_shoplog` (`tid`,`uid`,`version`) values ('".$id."','" . $userrow['uid'] . "','" . $row['version'] . "')";
    if ($DB->query($sql)) {
        if ($row['money']!='0.00' && $row['uid']!=$userrow['uid']) {
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$row['money']} where `uid`='" . $userrow['uid'] . "'");
            addPointRecord($userrow['uid'], $row['money'], '消费', '用户'.$userrow['uid'].'购买了商品'.$row['name'].'花费了'.$row['money'].'元！');
            if ($row['uid']!=1) {
                $money = round($row['money']*$row['tcbl']/100,2);
                $DB->query("update `authguao_user` set `rmb`=`rmb`+{$money} where `uid`='" . $row['uid'] . "'");
                addPointRecord($row['uid'], $money, '提成', '用户'.$userrow['uid'].',QQ:['.$userrow['qq'].'] 购买了'.$row['name'].',您获得了百分之'.$row['tcbl'].'的提成('.$money.')元');
            }
        }
        $DB->query("update `authguao_shop` set `count`=`count`+1 where `id`='" . $id . "'");
        exit('{"code":0,"msg":"商品['.$row['name'].']购买成功,感谢您的支持!"}');
    } else {
        exit('{"code":-1,"msg":"商品['.$row['name'].']购买失败,请重新购买！' . $DB->error().'"}');
    }
break;
case 'store_update':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_POST['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $rows=$DB->get_row("SELECT * FROM authguao_shoplog WHERE tid='{$id}' and uid='{$userrow['uid']}' limit 1");
    if ($row['filedata']) {
        if ($rows['version']!=$row['version']) {
            $DB->query("update `authguao_shoplog` set `version`='{$row['version']}' where `id`='" . $rows['id'] . "'");
        }
        $result=array("code"=>0,"msg"=>"商品下载地址获取成功，请点击下方按钮继续！","url"=>$row['filedata']);
        exit(json_encode($result));
    } else {
        exit('{"code":-1,"msg":"商品下载地址获取失败！"}');
    }
break;
case 'add_key':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $money = $conf['add_key_rmb'];
    $key = random(32);
    if ($userrow['rmb'] < $money){
        exit('{"code":-1,"msg":"你的余额不足，购买此API还差' . ($money - $userrow['rmb']) . '元，请充值！"}');
    }
    $sql="update authguao_user set api_key='".$key."' where uid='".$userrow['uid']."';";
    if($DB->query($sql)){
        $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
        addPointRecord($userrow['uid'], $money, '消费', '生成API对接密钥，扣除'.$money.'元！剩余'.($userrow['rmb']-$money).'元');
        exit('{"code":1,"msg":"APIKEY开通成功！"}');
    }else{
        exit('{"code":-1,"msg":"APIKEY开通失败！' . $DB->error().'"}');
    }
break;
case 'api_key':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if(isset($_SESSION['api_key']) && $_SESSION['api_key']>TIMESTAMP-600){
        exit('{"code":-1,"msg":"请勿频繁重置！"}');
    }
    $key = random(32);
    $sql="update authguao_user set api_key='".$key."' where uid='".$userrow['uid']."';";
    if($DB->query($sql)){
        $_SESSION['api_key']=TIMESTAMP;
        exit('{"code":1,"msg":"APIKEY重置成功！"}');
    }else{
        exit('{"code":-1,"msg":"APIKEY重置失败！' . $DB->error().'"}');
    }
break;
case 'api_ip':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $data=trim($_POST['data']);
    if($DB->query("update authguao_user set api_iplist='$data' where uid='{$userrow['uid']}'")){
        exit('{"code":0,"msg":"设置成功"}');
    }else{
        exit('{"code":-1,"msg":"设置失败！'.$DB->error().'"}');
    }
break;
case 'get_apijk':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $proid=intval($_POST['proid']);
    if(!$proid){
        exit('{"code":-1,"msg":"请选择您要生成的程序！"}');
    }
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    if (!$program) {
        exit('{"code":-1,"msg":"该程序不存在！"}');
    }
    $result=array("code"=>0,"msg"=>"succ","api_jk"=>$authurl.'api/cloud_api.php?act=cloud_auth&proid='.$proid.'&name=授权站点名称&qq=授权QQ&url=授权域名&ip=服务器ip&key='.$userrow['api_key']);
    exit(json_encode($result));
break;
case 'get_user_apijk':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $proid=intval($_POST['proid']);
    if(!$proid){
        exit('{"code":-1,"msg":"请选择您要生成的程序！"}');
    }
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    if (!$program) {
        exit('{"code":-1,"msg":"该程序不存在！"}');
    }
    $result=array("code"=>0,"msg"=>"succ","apisqs_jk"=>$authurl.'api/cloud_api.php?act=cloud_user&proid='.$proid.'&power=1&user=登录用户名&pwd=登录密码&qq=联系QQ&email=绑定邮箱&ip=服务器ip&key='.$userrow['api_key'],"apicg_jk"=>$authurl.'api/cloud_api.php?act=cloud_user&proid='.$proid.'&power=2&user=登录用户名&user=登录密码&qq=联系QQ&email=绑定邮箱&ip=服务器ip&key='.$userrow['api_key']);
    exit(json_encode($result));
break;
case 'guess_xz':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['guess_open']!=1)exit('{"code":-1,"msg":"娱乐竞猜系统正在维护更新，敬请期待！"}');
    $type = intval($_POST['type']);
    $money = daddslashes($_POST['money']);
    if ($money<$conf['guess_xz_min']) {
        exit('{"code":-1,"msg":"最小下注金额不能低于'.$conf['guess_xz_min'].'元！"}');
    } else if ($money>$conf['guess_xz_max']) {
        exit('{"code":-1,"msg":"最大下注金额不能高于'.$conf['guess_xz_max'].'元！"}');
    } else if (!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money)) {
        exit('{"code":-1,"msg":"下注金额不规范！"}');
    } else if ($money > $userrow['rmb']) {
        exit('{"code":-1,"msg":"您当前的不可提现余额不足'.$money.'元！"}');
    } else {
        $sql = "insert into `authguao_guess` (`uid`,`jcqs`,`yzhm`,`money`,`date`,`prize`) values ('".$userrow['uid']."','".$conf['guess_stage']."','".$type."','".$money."','".$date."','0')";
        if ($DB->query($sql)) {
            $DB->query("update `authguao_user` set `rmb`=`rmb`-{$money} where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $money, '竞猜下注', '参与第'.$conf['guess_stage'].'期竞猜活动，下注'.$money.'元');
            exit('{"code":0,"msg":"下注成功，请等待开奖！"}');
        } else {
            exit('{"code":-1,"msg":"下注失败！' . $DB->error().'"}');
        }
    }
break;
case 'guess_lq':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['guess_open']!=1)exit('{"code":-1,"msg":"娱乐竞猜系统正在维护更新，敬请期待！"}');
    $id = intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_guess WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该竞猜记录不存在！"}');
    }
    if($row['prize']=='1'){
        exit('{"code":-1,"msg":"已经领取了不可重复！"}');
    }
    if($row['uid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"不能领取他人奖励！"}');
    }
    if($row['yzhm']==$row['hm']){
        $money=$row['money'] *$conf['guess_multiple'] ;
        $DB->query("update `authguao_guess` set `prize`='1' where `id`='{$id}'");
        $DB->query("update `authguao_user` set `rmb`=`rmb`+{$money} where `uid`='{$userrow['uid']}'");
        addPointRecord($userrow['uid'], $money, '中奖', '恭喜您在第'.$row['jcqs'].'期竞猜活动中奖了，获得'.$money.'元');
        exit('{"code":0,"msg":"领取奖励成功！"}');
    }else{
        exit('{"code":-1,"msg":"这条竞猜记录好像并未中奖！"}');
    }
break;
case 'getprize':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    if($conf['invite_open']!=1)exit('{"code":-1,"msg":"邀请返利系统正在维护更新，敬请期待！"}');
    $id = intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_invitelog WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该邀请记录不存在！"}');
    }
    if($row['prize']=='1'){
        exit('{"code":-1,"msg":"已经领取了不可重复！"}');
    }
    if($row['type']==3){
        $name='权限';
    }elseif($row['type']==2){
        $name='认证';
    }elseif($row['type']==1){
        $name='授权';
    }else{
        $name='注册';
    }
    if($row['uid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"不能领取他人奖励！"}');
    }else{
        $sql = "update `authguao_invitelog` set `prize`='1' where `id`='{$id}'";
        if ($DB->query($sql)) {
            $DB->query("update `authguao_user` set `rmb_tc`=`rmb_tc`+{$row['money']},`invite_lq`=`invite_lq`+1 where `uid`='{$userrow['uid']}'");
            addPointRecord($userrow['uid'], $row['money'], '邀请奖励', '邀请用户：'.qqname($row['qq']).$name.'获取了'.$row['money'].'元');
            exit('{"code":0,"msg":"领取邀请奖励成功！"}');
        } else {
            exit('{"code":-1,"msg":"领取失败！' . $DB->error().'"}');
        }
    }
break;
case 'user_czpass':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $uid=intval($_GET['uid']);
    $row=$DB->get_row("SELECT * FROM authguao_user WHERE uid='{$uid}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该用户记录不存在！"}');
    }
    if($row['upuid']!=$userrow['uid']){
        exit('{"code":-1,"msg":"无法操作他人下级！"}');
    }
    if($row['pwd']=='123456'){
        exit('{"code":-1,"msg":"该用户的密码已是初始密码！"}');
    }
    $sql="update `authguao_user` set `pwd` ='123456' where `uid`='{$uid}'";
    if($DB->query($sql)){
        exit('{"code":0,"msg":"已将该用户的密码重置为123456[初始密码]"}');
    } else {
        exit('{"code":-1,"msg":"重置密码失败！' . $DB->error().'"}');
    }
break;
case 'uset_user':
    if($islogin2!=1)exit('{"code":-1,"msg":"未登录！"}');
    $qq=daddslashes(htmlspecialchars(strip_tags($_POST['qq'])));
    $email=daddslashes(htmlspecialchars(strip_tags($_POST['email'])));
    $gxmp=daddslashes(htmlspecialchars(strip_tags($_POST['gxmp'])));
    $citylist=daddslashes(htmlspecialchars(strip_tags($_POST['citylist'])));
    $pwd=daddslashes(htmlspecialchars(strip_tags($_POST['pwd'])));
    if(!empty($pwd) && !preg_match('/^[a-zA-Z0-9\_\!\@\#\$~\%\^\&\*.,]+$/',$pwd)){
        exit('{"code":-1,"msg":"密码只能为英文与数字！"}');
    }elseif(!preg_match('/^[0-9]{5,11}+$/', $qq)){
        exit('{"code":-1,"msg":"QQ格式不正确！"}');
    }else{
        $DB->query("update authguao_user set qq='$qq',email='$email',gxqm='$gxqm',citylist='$citylist' where uid='{$userrow['uid']}'");
        if(!empty($pwd)){
            $DB->query("update authguao_user set pwd='$pwd' where uid='{$userrow['uid']}'");
        }
        exit('{"code":0,"msg":"修改保存成功！"}');
    }
break;
default:
    exit('{"code":-4,"msg":"No Act"}');
break;
}